[v2,Yakkety,SRU,1/1] net: fix incorrect original ingress device index in PKTINFO

Message ID 1492728017-4315-2-git-send-email-jorge.niedbalski@canonical.com
State New
Headers show

Commit Message

jorge.niedbalski@canonical.com April 20, 2017, 10:40 p.m.
From: Wei Zhang <asuka.com@163.com>

BugLink: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1683982

When we send a packet for our own local address on a non-loopback
interface (e.g. eth0), due to the change had been introduced from
commit 0b922b7a829c ("net: original ingress device index in PKTINFO"), the
original ingress device index would be set as the loopback interface.
However, the packet should be considered as if it is being arrived via the
sending interface (eth0), otherwise it would break the expectation of the
userspace application (e.g. the DHCPRELEASE message from dhcp_release
binary would be ignored by the dnsmasq daemon, since it come from lo which
is not the interface dnsmasq bind to)

Fixes: 0b922b7a829c ("net: original ingress device index in PKTINFO")
Acked-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: Wei Zhang <asuka.com@163.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit f0c16ba8933ed217c2688b277410b2a37ba81591)
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>
---
 net/ipv4/ip_sockglue.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Comments

Seth Forshee April 21, 2017, 12:28 p.m. | #1
On Thu, Apr 20, 2017 at 07:40:17PM -0300, jorge.niedbalski@canonical.com wrote:
> From: Wei Zhang <asuka.com@163.com>
> 
> BugLink: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1683982
> 
> When we send a packet for our own local address on a non-loopback
> interface (e.g. eth0), due to the change had been introduced from
> commit 0b922b7a829c ("net: original ingress device index in PKTINFO"), the
> original ingress device index would be set as the loopback interface.
> However, the packet should be considered as if it is being arrived via the
> sending interface (eth0), otherwise it would break the expectation of the
> userspace application (e.g. the DHCPRELEASE message from dhcp_release
> binary would be ignored by the dnsmasq daemon, since it come from lo which
> is not the interface dnsmasq bind to)
> 
> Fixes: 0b922b7a829c ("net: original ingress device index in PKTINFO")
> Acked-by: David Ahern <dsa@cumulusnetworks.com>
> Signed-off-by: Wei Zhang <asuka.com@163.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
> (cherry picked from commit f0c16ba8933ed217c2688b277410b2a37ba81591)
> Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>

Acked-by: Seth Forshee <seth.forshee@canonical.com>
Colin Ian King April 21, 2017, 12:31 p.m. | #2
On 20/04/17 23:40, jorge.niedbalski@canonical.com wrote:
> From: Wei Zhang <asuka.com@163.com>
> 
> BugLink: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1683982
> 
> When we send a packet for our own local address on a non-loopback
> interface (e.g. eth0), due to the change had been introduced from
> commit 0b922b7a829c ("net: original ingress device index in PKTINFO"), the
> original ingress device index would be set as the loopback interface.
> However, the packet should be considered as if it is being arrived via the
> sending interface (eth0), otherwise it would break the expectation of the
> userspace application (e.g. the DHCPRELEASE message from dhcp_release
> binary would be ignored by the dnsmasq daemon, since it come from lo which
> is not the interface dnsmasq bind to)
> 
> Fixes: 0b922b7a829c ("net: original ingress device index in PKTINFO")
> Acked-by: David Ahern <dsa@cumulusnetworks.com>
> Signed-off-by: Wei Zhang <asuka.com@163.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
> (cherry picked from commit f0c16ba8933ed217c2688b277410b2a37ba81591)
> Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>
> ---
>  net/ipv4/ip_sockglue.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
> index 11ef96e..5519205 100644
> --- a/net/ipv4/ip_sockglue.c
> +++ b/net/ipv4/ip_sockglue.c
> @@ -1199,8 +1199,14 @@ void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb)
>  		 * which has interface index (iif) as the first member of the
>  		 * underlying inet{6}_skb_parm struct. This code then overlays
>  		 * PKTINFO_SKB_CB and in_pktinfo also has iif as the first
> -		 * element so the iif is picked up from the prior IPCB
> +		 * element so the iif is picked up from the prior IPCB. If iif
> +		 * is the loopback interface, then return the sending interface
> +		 * (e.g., process binds socket to eth0 for Tx which is
> +		 * redirected to loopback in the rtable/dst).
>  		 */
> +		if (pktinfo->ipi_ifindex == LOOPBACK_IFINDEX)
> +			pktinfo->ipi_ifindex = inet_iif(skb);
> +
>  		pktinfo->ipi_spec_dst.s_addr = fib_compute_spec_dst(skb);
>  	} else {
>  		pktinfo->ipi_ifindex = 0;
> 

Upstream cherry pick, fixes a known issue, good testing. So..

Acked-by: Colin Ian King <colin.king@canonical.com>

Patch

diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 11ef96e..5519205 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -1199,8 +1199,14 @@  void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb)
 		 * which has interface index (iif) as the first member of the
 		 * underlying inet{6}_skb_parm struct. This code then overlays
 		 * PKTINFO_SKB_CB and in_pktinfo also has iif as the first
-		 * element so the iif is picked up from the prior IPCB
+		 * element so the iif is picked up from the prior IPCB. If iif
+		 * is the loopback interface, then return the sending interface
+		 * (e.g., process binds socket to eth0 for Tx which is
+		 * redirected to loopback in the rtable/dst).
 		 */
+		if (pktinfo->ipi_ifindex == LOOPBACK_IFINDEX)
+			pktinfo->ipi_ifindex = inet_iif(skb);
+
 		pktinfo->ipi_spec_dst.s_addr = fib_compute_spec_dst(skb);
 	} else {
 		pktinfo->ipi_ifindex = 0;